mirror of
https://github.com/godotengine/buildroot.git
synced 2026-01-02 21:48:20 +03:00
fbe6c566a9
Fixes the following security issues:
- bpo-40121: Fixes audit events raised on creating a new socket
- bpo-38576: Disallow control characters in hostnames in http.client,
addressing CVE-2019-18348. Such potentially malicious header injection
URLs now cause a InvalidURL to be raised.
- bpo-39503: CVE-2020-8492: The AbstractBasicAuthHandler class of the
urllib.request module uses an inefficient regular expression which can be
exploited by an attacker to cause a denial of service. Fix the regex to
prevent the catastrophic backtracking. Vulnerability reported by Ben
Caller and Matt Schwager.
For more details, see the changelog:
https://docs.python.org/release/3.8.3/whatsnew/changelog.html#security
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5ff01eb31f)
[Peter: mention security impact]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
63 lines
1.8 KiB
Diff
63 lines
1.8 KiB
Diff
From 332373ca25f2dbe5473330666ec49143506a4dc0 Mon Sep 17 00:00:00 2001
|
|
From: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
Date: Wed, 22 Feb 2017 17:31:51 -0800
|
|
Subject: [PATCH] Add an option to disable the curses module
|
|
|
|
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
Signed-off-by: Samuel Martin <s.martin49@gmail.com>
|
|
[ Andrey Smirnov: ported to Python 3.6 ]
|
|
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
|
|
---
|
|
Makefile.pre.in | 7 +++++--
|
|
configure.ac | 9 +++++++++
|
|
2 files changed, 14 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/Makefile.pre.in b/Makefile.pre.in
|
|
index 5d78419fd4..660c292765 100644
|
|
--- a/Makefile.pre.in
|
|
+++ b/Makefile.pre.in
|
|
@@ -1336,8 +1336,7 @@ LIBSUBDIRS= site-packages \
|
|
turtledemo \
|
|
multiprocessing multiprocessing/dummy \
|
|
unittest \
|
|
- venv venv/scripts venv/scripts/common venv/scripts/posix \
|
|
- curses
|
|
+ venv venv/scripts venv/scripts/common venv/scripts/posix
|
|
|
|
TESTSUBDIRS= test \
|
|
test/audiodata \
|
|
@@ -1413,6 +1412,10 @@ TESTSUBDIRS += tkinter/test tkinter/test/test_tkinter \
|
|
tkinter/test/test_ttk
|
|
endif
|
|
|
|
+ifeq (@CURSES@,yes)
|
|
+LIBSUBDIRS += curses
|
|
+endif
|
|
+
|
|
ifeq (@LIB2TO3@,yes)
|
|
LIBSUBDIRS += lib2to3 lib2to3/fixes lib2to3/pgen2
|
|
TESTSUBDIRS += lib2to3/tests \
|
|
diff --git a/configure.ac b/configure.ac
|
|
index b5922451cc..ea422a86a9 100644
|
|
--- a/configure.ac
|
|
+++ b/configure.ac
|
|
@@ -3252,6 +3252,15 @@ if test "$TK" = "no"; then
|
|
DISABLED_EXTENSIONS="${DISABLED_EXTENSIONS} _tkinter"
|
|
fi
|
|
|
|
+AC_SUBST(CURSES)
|
|
+AC_ARG_ENABLE(curses,
|
|
+ AS_HELP_STRING([--disable-curses], [disable curses]),
|
|
+ [ CURSES="${enableval}" ], [ CURSES=yes ])
|
|
+
|
|
+if test "$CURSES" = "no"; then
|
|
+ DISABLED_EXTENSIONS="${DISABLED_EXTENSIONS} _curses _curses_panel"
|
|
+fi
|
|
+
|
|
AC_SUBST(PYDOC)
|
|
|
|
AC_ARG_ENABLE(pydoc,
|
|
--
|
|
2.20.1
|
|
|